← Back

CVE-2015-2814

nvd nist
Published: Apr 1, 2015Modified: May 6, 2026

JSON object

Loading...
6.4
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:P
Exploitability: 10.0 / Impact: 4.9
Source: NVD

Description

SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via unspecified vectors, aka SAP Security Note 2117079.

Affected (2)

Sap
2 products
Clinical Task Tracker
Emr Unwired
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Clinical Task Tracker
All versions
Emr Unwired
All versions

Related CWEs

CWE-264
CWE-264

References (4)

Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.